Scripps Health Attackers Stole PHI of 147,000 Patients
Compliance
HealthInfoSec) • June 3, 2021 Get Permission
Scripps Health this week began notifying more than 147,000 individuals that their financial and health information was contained in documents stolen by attackers who deployed ransomware on the healthcare organization s network in May.
In a statement Tuesday, San Diego-based Scripps Health says its investigation into the incident discovered on May 1 has determined that an unauthorized person gained access to its network, deployed malware and, on April 29, acquired copies of some of the documents containing patient information. As the investigation is ongoing, we do not yet know the content of the remainder of documents we believe are involved, though we are working with third party experts to determine those facts as quickly as possible, Scripps Health says.
Several Scripps Health hospitals have been affected by a cyberattack that was detected Saturday.
San Diego-based Scripps Health, which operates four area hospitals, has been forced to postpone some patient care - and reportedly divert some patients seeking emergency treatment - as a result of what local news outlets say is a ransomware attack.
In a statement provided to Information Security Media Group, Scripps Health says that it detected an information technology security incident late on Saturday. As a result of this cyberattack, we suspended user access to our information technology applications related to our operations at our healthcare facilities, according to the statement. While our information technology applications are offline, patient care continues to be delivered safely and effectively at our facilities, utilizing established back-up processes, including offline documentation methods.